railway-deploy

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The workflow explicitly runs and parses environment-variable commands that print raw KEY=VALUE pairs (e.g., railway variable list --kv, grepping DATABASE_URL, and examples like echo "secret" | railway variable set ...), which forces the agent to read/manipulate secret values and could cause those secrets to be included verbatim in its outputs or commands.